Commit graph

29000 commits

Author SHA1 Message Date
Andrew Chow
cc3f14b27c Move output reductions for fee to after coin selection
Simplifies CreateTransactionInternal without changing behavior. Removes
the pick_new_inputs variable by moving the subtract fee from amount
implementation to later in the loop to where it is possible to calculate
the fee for the transaction. This allows the fee to be subtracted from
the outputs within a single iteration, instead of calculating the fee in
the first iteration, and subtracting the fee in the second.

This also removes another scenario where a second iteration of the loop
finds a smaller input set (and thus smaller fees than the first
iteration) with no change and so a third iteration of the loop is done in order to make
a change output that contains the excess fees.

To handle these cases, we always create a change output which contains
the difference between selected input values and the recipient amounts.
Once the transaction fee is calculated, the change output is reduced (in
the normal case) or the recipient amounts are reduced (in the subtract
fee from amount case). All of this is done in a single iteration of the
loop.
2021-05-19 13:22:27 -04:00
Andrew Chow
d97d25d950 Make cost_of_change part of CoinSelectionParams 2021-05-13 16:40:56 -04:00
Andrew Chow
af5867c896 Move some calculations to common code in SelectCoinsMinConf
To prepare for KnapsackSolver to use effective values, these
calculations are moved out of the BnB if block to allow for them to be
shared with KnapsackSolver in the future.
2021-05-13 16:40:56 -04:00
Andrew Chow
1bf4a62cb6 scripted-diff: rename some variables
actual_target -> selection_target
nChange -> change_and_fee

-BEGIN VERIFY SCRIPT-
sed -i -e 's/actual_target/selection_target/g' src/wallet/coinselection.cpp
sed -i -e '2801,3691s/nChange /change_and_fee /g' src/wallet/wallet.cpp
sed -i -e '2801,3691s/nChange,/change_and_fee,/g' src/wallet/wallet.cpp
sed -i -e '2801,3691s/nChange;/change_and_fee;/g' src/wallet/wallet.cpp
-END VERIFY SCRIPT-
2021-05-13 16:40:56 -04:00
W. J. van der Laan
b34bf2b42c
Merge bitcoin/bitcoin#21939: refactor: Replace memset calls with array initialization
1c9255c7dd refactor: Replace memset calls with array initialization (João Barbosa)

Pull request description:

  Follow up to https://github.com/bitcoin/bitcoin/pull/21905#pullrequestreview-657045699.

ACKs for top commit:
  laanwj:
    re-ACK 1c9255c7dd
  Crypt-iQ:
    Code review ACK 1c9255c7dd

Tree-SHA512: 4b61dec2094f4781ef1c0427ee3bda3cfea12111274eebc7bc40a84f261d9c1681dd0860c57200bea2456588e44e8e0aecd18545c25f1f1250dd331ab7d05f28
2021-05-13 19:25:21 +02:00
W. J. van der Laan
4741aec1dd
Merge bitcoin/bitcoin#21914: net: use stronger AddLocal() for our I2P address
105941b726 net: use stronger AddLocal() for our I2P address (Vasil Dimov)

Pull request description:

  There are two issues:

  ### 1. Our I2P address not added to local addresses.

  * `externalip=` is used with an IPv4 address (this sets automatically `discover=0`)
  * No `discover=1` is used
  * `i2psam=` is used
  * No `externalip=` is used for our I2P address
  * `listenonion=1 torcontrol=` are used

  In this case `AddLocal(LOCAL_MANUAL)` [is used](94f83534e4/src/torcontrol.cpp (L354)) for our `.onion` address and `AddLocal(LOCAL_BIND)` [for our](94f83534e4/src/net.cpp (L2247)) `.b32.i2p` address, the latter being [ignored](94f83534e4/src/net.cpp (L232-L233)) due to `discover=0`.

  ### 2. Our I2P address removed from local addresses even if specified with `externalip=` on I2P proxy restart.

  * `externalip=` is used with our I2P address (this sets automatically `discover=0`)
  * No `discover=1` is used
  * `i2psam=` is used

  In this case, initially `externalip=` causes our I2P address to be [added](94f83534e4/src/init.cpp (L1266)) with `AddLocal(LOCAL_MANUAL)` which overrides `discover=0` and works as expected. However, if later the I2P proxy is shut down [we do](94f83534e4/src/net.cpp (L2234)) `RemoveLocal()` in order to stop advertising our I2P address (since we have lost I2P connectivity). When the I2P proxy is started and we reconnect to it, restoring the I2P connectivity, [we do](94f83534e4/src/net.cpp (L2247)) `AddLocal(LOCAL_BIND)` which does nothing due to `discover=0`.

  To resolve those two issues, use `AddLocal(LOCAL_MANUAL)` for I2P which is also what we do with Tor.

ACKs for top commit:
  laanwj:
    Code review ACK 105941b726

Tree-SHA512: 0c9daf6116b8d9c34ad7e6e9bbff6e8106e94e4394a815d7ae19287aea22a8c7c4e093c8dd8c58a4a1b1412b2575a9b42b8a93672c8d17f11c24508c534506c7
2021-05-13 15:36:44 +02:00
João Barbosa
1c9255c7dd refactor: Replace memset calls with array initialization 2021-05-13 12:42:21 +01:00
Samuel Dobson
a31a1ceec7
Merge bitcoin/bitcoin#21907: wallet: Do not iterate a directory if having an error while accessing it
29c9e2c2d2 wallet: Do not iterate a directory if having an error while accessing it (Hennadii Stepanov)

Pull request description:

  On Windows when `ListDatabases` tries to iterate any system folder, e.g., "System Volume Information", it falls into an infinite loop.

  This PR fixes this bug. Now the `debug.log` contains:
  ```
  2021-05-12T09:07:53Z ListDatabases: Access is denied D:/System Volume Information -- skipping.
  ```

  An easy way to reproduce the bug and test this PR is to pass the `-walletdir=D:\` command-line option, and run the `listwalletdir` RPC, or File -> Open Wallet in the GUI menu.

  Fixes #20081.
  Fixes #21136.
  Fixes #21904.

  Also https://bitcoin.stackexchange.com/questions/99243/listwalletdir-access-is-denied-d-system-volume-information

ACKs for top commit:
  prayank23:
    ACK 29c9e2c2d2
  promag:
    Code review ACK 29c9e2c2d2.
  meshcollider:
    Code review ACK 29c9e2c2d2

Tree-SHA512: b851c88e6d09626f4cb81acc2fa59a563b2aee64582963285715bf785c64b872e8bf738aa6b27bdbaf4c3e5c8565c2dc2c802135f9aa1f48b4b913435bc5d793
2021-05-13 21:09:32 +12:00
Samuel Dobson
386ba92e83
Merge bitcoin/bitcoin#21910: refactor: remove redundant fOnlySafe argument
c30dd02cd8 refactor: remove redundant fOnlySafe argument (t-bast)

Pull request description:

  The `fOnlySafe` argument to `AvailableCoins` is now redundant, since #21359 added a similar field inside the `CCoinControl` struct (see https://github.com/bitcoin/bitcoin/pull/21359#discussion_r591578684).

  Not all code paths create a `CCoinControl` instance, but when it's missing we can default to using only safe inputs which is backwards-compatible.

ACKs for top commit:
  instagibbs:
    utACK c30dd02cd8
  promag:
    Code review ACK c30dd02cd8.
  achow101:
    ACK c30dd02cd8
  meshcollider:
    Code review + test run ACK c30dd02cd8

Tree-SHA512: af3cb598d06f233fc48a7c9c45bb14da92b5cf4168b8dbd4f134dc3e0c2b615c6590238ddb1eaf380aea5bbdd3386d2ac8ecd7d22dfc93579adc39248542839b
2021-05-13 21:05:55 +12:00
MarcoFalke
db2990d01f
Merge bitcoin/bitcoin#21925: doc: Update bips.md for 0.21.1
faf30f2ae0 doc: Update bips.md for 0.21.1 (MarcoFalke)

Pull request description:

ACKs for top commit:
  kristapsk:
    ACK faf30f2ae0
  jarolrod:
    ACK faf30f2ae0
  prayank23:
    ACK faf30f2ae0

Tree-SHA512: b09e8782306fe990d4eba871627cb7aa97a521a5aa08b7c7369fbfc24e49c3c9386cd06c590af076dff9b95ade207cc470911aa4b97cd5f366630974e71e1348
2021-05-13 09:15:15 +02:00
MarcoFalke
0ab6ff5e37
Merge bitcoin/bitcoin#21931: ci: Bump cirrus fuzz CPUs to avoid timeout
fa397a6a9c ci: Bump cirrus fuzz CPUs to avoid timeout (MarcoFalke)

Pull request description:

ACKs for top commit:
  hebasto:
    ACK fa397a6a9c, let's try it.

Tree-SHA512: 7e06dda66c71d76e5fd144f6b5bb10f0bcac72feb15bd0f400ef08ba4dcb92558319401ef5f9d3822376affceb2192df1903b3a79c0ab2d7283ca21454054dea
2021-05-12 21:25:34 +02:00
W. J. van der Laan
ee9befe8b4
Merge bitcoin/bitcoin#21584: Fix assumeutxo crash due to invalid base_blockhash
fa340b8794 refactor: Avoid magic value of all-zeros in assumeutxo base_blockhash (MarcoFalke)
fae33f98e6 Fix assumeutxo crash due to invalid base_blockhash (MarcoFalke)
fa5668bfb3 refactor: Use type-safe assumeutxo hash (MarcoFalke)
0000007709 refactor: Remove unused code (MarcoFalke)
faa921f787 move-only: Add util/hash_type (MarcoFalke)

Pull request description:

  Starting with commit d6af06d68a, a block hash of all-zeros is invalid and will lead to a crash of the node. Can be tested by cherry-picking the test changes without the other changes.

  Stack trace (copied from https://github.com/bitcoin/bitcoin/pull/21584#discussion_r612673879):

  ```
  #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
  #1  0x00007ffff583c8b1 in __GI_abort () at abort.c:79
  #2  0x00007ffff582c42a in __assert_fail_base (fmt=0x7ffff59b3a38 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n",
      assertion=assertion@entry=0x555556c8b450 "!hashBlock.IsNull()", file=file@entry=0x555556c8b464 "txdb.cpp", line=line@entry=89,
      function=function@entry=0x555556c8b46d "virtual bool CCoinsViewDB::BatchWrite(CCoinsMap &, const uint256 &)") at assert.c:92
  #3  0x00007ffff582c4a2 in __GI___assert_fail (assertion=0x555556c8b450 "!hashBlock.IsNull()", file=0x555556c8b464 "txdb.cpp", line=89,
      function=0x555556c8b46d "virtual bool CCoinsViewDB::BatchWrite(CCoinsMap &, const uint256 &)") at assert.c:101
  #4  0x000055555636738b in CCoinsViewDB::BatchWrite (this=0x5555577975c0, mapCoins=std::unordered_map with 110 elements = {...}, hashBlock=...) at txdb.cpp:89
  #5  0x00005555564a2e80 in CCoinsViewBacked::BatchWrite (this=0x5555577975f8, mapCoins=std::unordered_map with 110 elements = {...}, hashBlock=...) at coins.cpp:30
  #6  0x00005555564a43de in CCoinsViewCache::Flush (this=0x55555778eaf0) at coins.cpp:223
  #7  0x00005555563fc11d in ChainstateManager::PopulateAndValidateSnapshot (this=0x55555740b038 <g_chainman>, snapshot_chainstate=..., coins_file=..., metadata=...)
      at validation.cpp:5422
  #8  0x00005555563fab3d in ChainstateManager::ActivateSnapshot (this=0x55555740b038 <g_chainman>, coins_file=..., metadata=..., in_memory=true) at validation.cpp:5299
  #9  0x0000555555e8c893 in validation_chainstatemanager_tests::CreateAndActivateUTXOSnapshot<validation_chainstatemanager_tests::chainstatemanager_activate_snapshot::test_method()::$_12>(NodeContext&, boost::filesystem::path, validation_chainstatemanager_tests::chainstatemanager_activate_snapshot::test_method()::$_12) (node=...,
      root=..., malleation=...) at test/validation_chainstatemanager_tests.cpp:199
  #10 0x0000555555e8877a in validation_chainstatemanager_tests::chainstatemanager_activate_snapshot::test_method (this=0x7fffffffc8d0)
      at test/validation_chainstatemanager_tests.cpp:262

ACKs for top commit:
  laanwj:
    Code review re-ACK fa340b8794
  jamesob:
    ACK fa340b8794 ([`jamesob/ackr/21584.1.MarcoFalke.fix_assumeutxo_crash_due`](https://github.com/jamesob/bitcoin/tree/ackr/21584.1.MarcoFalke.fix_assumeutxo_crash_due))

Tree-SHA512: c2c4e66c1abfd400ef18a04f22fec1f302f1ff4d27a18050f492f688319deb4ccdd165ff792eee0a1f816e7b69fb64080662b79517ab669e3d26b9eb77802851
2021-05-12 21:00:12 +02:00
W. J. van der Laan
79da18a9eb
Merge bitcoin/bitcoin#21911: build: add configure~ to .gitignore
bc4538806e build: add *~ to .gitignore (Sjors Provoost)

Pull request description:

  The file `configure~` recently started appearing for me on macOS (11.3.1) whenever configure is (re)run.

ACKs for top commit:
  hebasto:
    ACK bc4538806e, tested on Linux Mint 20.1 with different build scenarios including cross-compiling for Windows and macOS.

Tree-SHA512: 830c7baf392ff6d66250a79c6ed0a98dac3daaace54a6d2e7940b9a72e3bac79ab44bbecd7642c931fde8a446654e2260d6afdecc679a1743fae6ec5eeda79f1
2021-05-12 19:45:10 +02:00
MarcoFalke
fa397a6a9c
ci: Bump cirrus fuzz CPUs to avoid timeout 2021-05-12 18:26:37 +02:00
Sjors Provoost
bc4538806e
build: add *~ to .gitignore
Homebrew autoconf version 2.7.1 introduces configure~ as a build artifact.

Co-authored-by: Hennadii Stepanov <32963518+hebasto@users.noreply.github.com>
2021-05-12 18:10:47 +02:00
W. J. van der Laan
6b49d88a5d
Merge bitcoin/bitcoin#21905: net: initialize nMessageSize to uint32_t max
9c891b64ff net: initialize nMessageSize to max uint32_t instead of -1 (eugene)

Pull request description:

  nMessageSize is uint32_t and is set to -1. This will warn with `-fsanitize=implicit-integer-sign-change` when V1TransportDeserializer calls into the ctor.  This pull initializes nMessageSize to `numeric_limits<uint32_t>::max()` instead and removes the ubsan suppression.

ACKs for top commit:
  laanwj:
    Code review ACK 9c891b64ff
  promag:
    Code review ACK 9c891b64ff.

Tree-SHA512: f05173d9553a01d207a5a7f8ff113d9e11354c50b494a67d44d3931c151581599a9da4e28f40edd113f4698ea9115e6092b2a5b7329c841426726772076c1493
2021-05-12 17:39:39 +02:00
W. J. van der Laan
d2ec37221a
Merge bitcoin/bitcoin#21796: index: Avoid async shutdown on init error
faad68fcd4 index: Avoid async shutdown on init error (MarcoFalke)

Pull request description:

  An async shutdown during init is confusing when a simple boolean return value can be used for a synchronous shutdown.

  This also changes the error message on stderr from:

  ```
  Error: A fatal internal error occurred, see debug.log for details
  Error: A fatal internal error occurred, see debug.log for details
  ```

  To:

  ```
  Error: basic block filter index best block of the index goes beyond pruned data. Please disable the index or reindex (which will download the whole blockchain again)

ACKs for top commit:
  laanwj:
    Code review ACK faad68fcd4

Tree-SHA512: 92dd895266d6d15a6b1a5c081c9b83f83d5c82e9bfceb3ea0664f48540812239e274c829ff0271c4a0afb6d6a8f67d89c5af20d719982ad62999a41ca0623274
2021-05-12 14:58:47 +02:00
MarcoFalke
91db985bc9
Merge bitcoin/bitcoin#21927: fuzz: Run const CScript member functions only once
fa74bfc860 fuzz: Run const CScript member functions only once (MarcoFalke)

Pull request description:

  Those functions should be O(N) in the input size (or maybe worse, I didn't check), so if the fuzz input dictates to run them N times, the complexity is N^2.

  Fix this by calling them only once.

  Can be reviewed with: `--ignore-all-space  --word-diff-regex=.`

  Input: https://github.com/bitcoin/bitcoin/files/6464685/clusterfuzz-testcase-minimized-input.log

  Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34101

ACKs for top commit:
  practicalswift:
    cr ACK fa74bfc860: patch looks correct, rationale makes sense and patch touches only `src/test/fuzz/`

Tree-SHA512: d579f7a2103ec154bf482a872142e55a1d9e7673d33a22a4c4230186fdd1b6618846463f4e25941031cc8c4bd1ea8d06cb49ae1bb1ec4af115497f5e5de1e19c
2021-05-12 14:48:25 +02:00
W. J. van der Laan
176842daa8
Merge bitcoin/bitcoin#21912: doc: Remove mention of priority estimation
fa0ad7b9fe doc: Remove mention of priority estimation (MarcoFalke)

Pull request description:

ACKs for top commit:
  laanwj:
    Documentation review ACK fa0ad7b9fe

Tree-SHA512: 1be856efc0a25c6bec31e6e58879bbccce18f69cc4f180b285a24362b032f1abeaabc55f9bb064c4c30d3217c38b3f96f52bdf80e13c6069c86cdc4d21f57ef3
2021-05-12 14:15:40 +02:00
W. J. van der Laan
01624a7db3
Merge bitcoin/bitcoin#21462: guix: Add guix-{attest,verify} scripts
d420e5c1c0 guix-attest: Avoid incomplete sigdirs with ERR traps (Carl Dong)
feda2c8e31 guix: Skip attesting to dist-archive (Carl Dong)
d522d8006b guix: Attest to inputs in inputs.SHA256SUMS (Carl Dong)
f9e2960c01 guix: Construct $OUTDIR in ${DISTSRC}/output (Carl Dong)
022abc85fc guix: Minor quoting fix in libexec/build.sh (Carl Dong)
c83c4fa5b7 guix-attest: Allow skipping GPG signing with NO_SIGN (Carl Dong)
0e1c2e448c guix-attest: Use ascii-armor signatures (Carl Dong)
b5fd89c4c8 guix-attest: Only use cross-platform flags for find+xargs (Carl Dong)
5926432ba6 guix: Add guix-verify script (Carl Dong)
30daf76a97 guix: Add guix-attest script (Carl Dong)

Pull request description:

  Adds replacements for `gsign` and `gverify`.

  Personally I'm not a big fan of using the word "sign" as it's been used to refer to both codesigning and GPG signing.

ACKs for top commit:
  laanwj:
    Code review and tested ACK d420e5c1c0

Tree-SHA512: 93d82d201f4596eaea0e3825aa55b013dfb91790e6ccee79893833d37921513d7b4e735f0641103e1e2ea8308abe4cb6218b73160924708802f2e0e3f7f6caf1
2021-05-12 13:51:38 +02:00
Hennadii Stepanov
29c9e2c2d2
wallet: Do not iterate a directory if having an error while accessing it
This change prevents infinite looping for, for example, system folders
on Windows.
2021-05-12 12:11:47 +03:00
MarcoFalke
faad68fcd4
index: Avoid async shutdown on init error 2021-05-12 10:47:35 +02:00
MarcoFalke
fa74bfc860
fuzz: Run const CScript member functions only once 2021-05-12 10:20:59 +02:00
MarcoFalke
faf30f2ae0
doc: Update bips.md for 0.21.1 2021-05-12 10:06:37 +02:00
MarcoFalke
2e30e328a7
Merge bitcoin/bitcoin#19064: refactor: Cleanup thread ctor calls
792be53d3e refactor: Replace std::bind with lambdas (Hennadii Stepanov)
a508f718f3 refactor: Use appropriate thread constructor (Hennadii Stepanov)
30e4448215 refactor: Make TraceThread a non-template free function (Hennadii Stepanov)

Pull request description:

  This PR does not change behavior.
  Its goal is to improve readability and maintainability of the code.

ACKs for top commit:
  jnewbery:
    utACK 792be53d3e
  jonatack:
    tACK 792be53d3e
  MarcoFalke:
    cr ACK 792be53d3e

Tree-SHA512: a03142f04f370f6bc02bd3ddfa870819b51740fcd028772241d68c84087f95a2d78207cbd5edb3f7c636fcf2d76192d9c59873f8f0af451d3b05c0cf9cf234df
2021-05-12 08:51:32 +02:00
fanquake
03e16cb027
Merge bitcoin/bitcoin#21593: build, qt, refactor: Get rid of some sed command instances
b95f7f8ac0 build, qt, refactor: Drop sed commands for win32-g++/qmake.conf (Hennadii Stepanov)

Pull request description:

  Such possibility is [available](https://codereview.qt-project.org/c/qt/qtbase/+/165348) since Qt 5.8.0.

ACKs for top commit:
  fanquake:
    ACK b95f7f8ac0

Tree-SHA512: e56a3d208a6bd5d42c722f8b344010fe7d1b6f7a28486613dfcb03f0403a47cee8476e2366eeaac401a19836cd09f782e8741a1e781ab4d78f72c500a30e4929
2021-05-12 14:24:47 +10:00
fanquake
6754e1928b
Merge bitcoin/bitcoin#21922: fuzz: Avoid timeout in EncodeBase58
faa0d94a7d fuzz: Avoid timeout in EncodeBase58 (MarcoFalke)

Pull request description:

  The complexity is O(N^2), so limit the size.

  Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34126

  Oss-Fuzz testcase for `rpc` fuzzer: https://github.com/bitcoin/bitcoin/files/6461382/clusterfuzz-testcase-minimized-rpc-4831734974775296.log

ACKs for top commit:
  practicalswift:
    cr ACK faa0d94a7d: patch looks correct
  sipa:
    utACK faa0d94a7d

Tree-SHA512: 57ad9de8d811b828982d09a586782fc8a62fa3685590301d58120e2249caa30a9dccd3abe0b47e00ea8482de705fe0edbed298ab8761ea0d29496b50ed2db5d7
2021-05-12 11:03:04 +10:00
MarcoFalke
faa0d94a7d
fuzz: Avoid timeout in EncodeBase58 2021-05-11 21:24:49 +02:00
MarcoFalke
f0a76b3dbc
Merge bitcoin/bitcoin#21892: fuzz: Avoid excessively large min fee rate in tx_pool
99993f0664 fuzz: Avoid excessively large min fee rate in tx_pool (MarcoFalke)

Pull request description:

  Any fee rate above 1 BTC / kvB is clearly nonsense, so no need to fuzz this.

  Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34078

ACKs for top commit:
  practicalswift:
    cr ACK 99993f0664: patch looks correct despite no `fa` prefix in commit hash

Tree-SHA512: bd3651d354b13d889ad1708d2b385ad0479de036de74a237346eefad5dbfb1df76ec02b55ec00487ec598657ef6102f992302b14c4e47f913a9962f81f4157e6
2021-05-11 20:35:20 +02:00
MarcoFalke
88dc09d759
Merge bitcoin/bitcoin#21909: fuzz: Limit max insertions in timedata fuzz test
fa95555a49 fuzz: Limit max insertions in timedata fuzz test (MarcoFalke)

Pull request description:

  It is debatable whether a size of the median filter other than `200` (the only size used in production) should be fuzzed. For now add a minimal patch to cap the max insertions. Otherwise the complexity is N^2 log(N), where N is the size of the fuzz input.

  Hopefully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34167

ACKs for top commit:
  practicalswift:
    cr ACK fa95555a49: patch looks correct

Tree-SHA512: be7737e9f4c906053e355641de84dde31fed37ed6be4c5e92e602ca7675dffdaf06b7063b9235ef541b05d3d5fd689c99479317473bb15cb5271b8baabffd0f2
2021-05-11 20:32:20 +02:00
eugene
9c891b64ff net: initialize nMessageSize to max uint32_t instead of -1
nMessageSize is uint32_t and is set to -1. This will warn with
-fsanitize=implicit-integer-sign-change.
2021-05-11 11:21:29 -04:00
W. J. van der Laan
e175a20769
Merge bitcoin/bitcoin#21644: p2p, bugfix: use NetPermissions::HasFlag() in CConnman::Bind()
36fb036d25 p2p: allow NetPermissions::ClearFlag() only with PF_ISIMPLICIT (Jon Atack)
4e0d5788ba test: add net permissions noban/download unit test coverage (Jon Atack)
dde69f20a0 p2p, bugfix: use NetPermissions::HasFlag() in CConnman::Bind() (Jon Atack)

Pull request description:

  This is a bugfix follow-up to #16248 and #19191 that was noticed in #21506. Both v0.21 and master are affected.

  Since #19191, noban is a multi-flag that implies download, so the conditional in `CConnman::Bind()` using a bitwise AND on noban will return the same result for both the noban status and the download status. This means that download peers are incorrectly not being added to local addresses because they are mistakenly seen as noban peers.

  The second commit adds unit test coverage to illustrate and test the noban/download relationship and the `NetPermissions` operations involving them.

  The final commit adds documentation and disallows calling `NetPermissions::ClearFlag()` with any second param other than `NetPermissionFlags` "implicit" -- per current usage in the codebase -- because `ClearFlag()` should not be called with any second param that is a subflag of a multiflag, e.g. "relay" or "download," as that would leave the result in an invalid state corresponding to none of the existing NetPermissionFlags. Thanks to Vasil Dimov for noticing this.

ACKs for top commit:
  theStack:
    re-ACK 36fb036d25 
  vasild:
    ACK 36fb036d25
  hebasto:
    ACK 36fb036d25, I have reviewed the code and it looks OK, I agree it can be merged.
  kallewoof:
    Code review ACK 36fb036d25

Tree-SHA512: 5fbc7ddbf31d06b35bf238f4d77ef311e6b6ef2e1bb9893f32f889c1a0f65774a3710dcb21d94317fe6166df9334a9f2d42630809e7fe8cbd797dd6f6fc49491
2021-05-11 13:08:45 +02:00
Vasil Dimov
105941b726
net: use stronger AddLocal() for our I2P address
There are two issues:

1. Our I2P address not added to local addresses.

* `externalip=` is used with an IPv4 address (this sets automatically
  `discover=0`)
* No `discover=1` is used
* `i2psam=` is used
* No `externalip=` is used for our I2P address
* `listenonion=1 torcontrol=` are used

In this case `AddLocal(LOCAL_MANUAL)` is used for our `.onion` address
and `AddLocal(LOCAL_BIND)` for our `.b32.i2p` address, the latter being
ignored due to `discover=0`.

2. Our I2P address removed from local addresses even if specified
with `externalip=` on I2P proxy restart.

* `externalip=` is used with our I2P address (this sets automatically
  `discover=0`)
* No `discover=1` is used
* `i2psam=` is used

In this case, initially `externalip=` causes our I2P address to be added
with `AddLocal(LOCAL_MANUAL)` which overrides `discover=0` and works as
expected. However, if later the I2P proxy is shut down we do
`RemoveLocal()` in order to stop advertising our I2P address (since we
have lost I2P connectivity). When the I2P proxy is started and we
reconnect to it, restoring the I2P connectivity, we do
`AddLocal(LOCAL_BIND)` which does nothing due to `discover=0`.

To resolve those two issues, use `AddLocal(LOCAL_MANUAL)` for I2P which
is also what we do with Tor.
2021-05-11 12:46:45 +02:00
MarcoFalke
94f83534e4
Merge bitcoin/bitcoin#21752: doc: Clarify that feerates are per virtual size
fae196147b doc: Clarify that feerates are per virtual size (MarcoFalke)
fa83e95ac6 scripted-diff: Clarify that feerates are per virtual size (MarcoFalke)

Pull request description:

  By implementing segwit, it is already clear that all feerates in Bitcoin Core are denoted in (amount/virtual size). Though, there is  inconsistency, as some places use kvB, some use kB. Thus, replace all with "kvB".

  See also commit 6da3afbaee, which did the replacement for wallet RPCs.

ACKs for top commit:
  ryanofsky:
    Code review ACK fae196147b. Checked instances where units were being added in the second commit and they all looked right.

Tree-SHA512: ab70d13cde7d55c1ac931bddc2b45aa218fc75ef46cb6ea9e5a30b1d4dbf27889c2b6357299a6c5427912443a46ec3592a4809dae335e03162bd2120a0f7f8ad
2021-05-11 11:55:20 +02:00
MarcoFalke
fa0ad7b9fe
doc: Remove mention of priority estimation
Follow up to commit b2322e0fc6
2021-05-11 11:52:32 +02:00
MarcoFalke
fa340b8794
refactor: Avoid magic value of all-zeros in assumeutxo base_blockhash
Just use std::optional
2021-05-11 11:21:05 +02:00
W. J. van der Laan
39e306009b
Merge bitcoin-core/gui#271: Don't clear console prompt when font resizing
7962e0dde8 qt: Do not clear console prompt when font resizing (Hennadii Stepanov)
d2cc339005 qt, refactor: Drop redundant history cleaning in RPC console (Hennadii Stepanov)
4f0ae472e2 qt: Untie irrelevant signal-slot parameters (Hennadii Stepanov)

Pull request description:

  On master, a console resize event will clear the prompt. To fix this, we store the content of the prompt and re-set it upon a resize. This preserves the prompt text throughout resizes. The text will still clear when you click the clear button, as it should.

  **Master**

  | Before Resize      | After Resize |
  | ----------------- | ------------ |
  |  ![master-beforeresize](https://user-images.githubusercontent.com/23396902/113553721-2a428d80-95c6-11eb-971b-bb77151bc6d5.png)  |  ![master-afterresize](https://user-images.githubusercontent.com/23396902/113553769-3d555d80-95c6-11eb-9cdb-9ad1fd7208a9.png) |

  **PR**
  | Before Resize      | After Resize |
  | ----------------- | ------------ |
  | ![pr-beforeresize](https://user-images.githubusercontent.com/23396902/113553885-6f66bf80-95c6-11eb-8317-0975f1ebd444.png) | ![pr-afterresize](https://user-images.githubusercontent.com/23396902/113553906-75f53700-95c6-11eb-9a32-b64d8aba98e5.png) |

  Closes #269

ACKs for top commit:
  laanwj:
    Code review ACK 7962e0dde8
  hebasto:
    ACK 7962e0dde8
  Talkless:
    tACK 7962e0dde8, tested on Debian Sid with Qt 5.15.2

Tree-SHA512: a6f19d3f80e2e47725cff5d6e15862b6cb793a65dfcaded15f23bba051088cd3317f068f93290c9b09d0a90f5fcac1c5a4610cc417cc5961ba6d005fe5049ab0
2021-05-11 11:06:47 +02:00
MarcoFalke
fae33f98e6
Fix assumeutxo crash due to invalid base_blockhash
Can be reviewed with --color-moved=dimmed-zebra --color-moved-ws=ignore-all-space
2021-05-11 10:41:03 +02:00
MarcoFalke
fa5668bfb3
refactor: Use type-safe assumeutxo hash
This avoids accidentally mixing it up with other hashes (like block
hashes).
2021-05-11 10:40:40 +02:00
MarcoFalke
0000007709
refactor: Remove unused code 2021-05-11 10:39:44 +02:00
MarcoFalke
faa921f787
move-only: Add util/hash_type
Can be reviewed with --color-moved=dimmed-zebra
2021-05-11 10:38:18 +02:00
t-bast
c30dd02cd8
refactor: remove redundant fOnlySafe argument
The fOnlySafe argument to AvailableCoins is now redundant, since #21359
added a similar field inside the CCoinControl struct.

Not all code paths set a CCoinControl instance, but when it's missing we
can default to using only safe inputs which is backwards-compatible.
2021-05-11 09:58:13 +02:00
MarcoFalke
fa95555a49
fuzz: Limit max insertions in timedata fuzz test 2021-05-11 08:54:24 +02:00
MarcoFalke
d2f6d2976f
Merge bitcoin/bitcoin#21895: refactor: Add TSA annotations to the WorkQueue class members
34b04eec44 refactor: Add TSA annotations to the WorkQueue class members (Hennadii Stepanov)

Pull request description:

  Noted while reviewing #19033, and hoping this will not conflict with it :)

ACKs for top commit:
  promag:
    Code review ACK 34b04eec44.

Tree-SHA512: 4c15729acd95223263c19bc0dd64b9e7960872b48edee6eee97a5d0c2b99b8838185ac3a2ccd5bee992cb3a12498633427fe9919be5a12da9949fcf69a6275a0
2021-05-11 07:00:34 +02:00
fanquake
4a26705761
Merge bitcoin/bitcoin#21902: refactor: Remove useless extern keyword
fa4bbd306e refactor: Remove useless extern keyword (MarcoFalke)

Pull request description:

  It is redundant, confusing and useless.

  https://en.cppreference.com/w/cpp/language/storage_duration#external_linkage

ACKs for top commit:
  practicalswift:
    cr ACK fa4bbd306e: patch looks correct
  Talkless:
    utACK fa4bbd306e, built successfully on Debian Sid, looks OK.
  jonatack:
    Light code review ACK fa4bbd306e
  hebasto:
    ACK fa4bbd306e, I've verified that all of the remained `extern` keywords specify either (a) a variable with external linkage, or (b) a symbol with "C" language linkage.
  promag:
    Code review ACK fa4bbd306e.

Tree-SHA512: 1d77d661132defa52ccb2046f7a287deb3669b68835e40ab75a0d9d08fe6efeaf3bea7c0e76c754fd18bfe45972c253a39462014080d014cc5d810498784e3e4
2021-05-11 08:52:37 +10:00
Hennadii Stepanov
4bc3b16349
Merge bitcoin-core/gui#293: Enable wordWrap for Services
a0f7978674 qt: enable wordWrap for peers-tab detail services (randymcmillan)

Pull request description:

  Enable wordWrap for peers-tab detailView Services

ACKs for top commit:
  Talkless:
    tACK a0f7978674 on same environment as previously.
  hebasto:
    ACK a0f7978674, tested on Linux Mint 20.1 (Qt 5.12.8):
  kristapsk:
    re-ACK a0f7978674. Tested under Gentoo Linux with Xfce4 (Qt 5.15.2).

Tree-SHA512: 872e511d2ecfa72fea0fd3284a958b45ee8aee138469ce7f9cd853cd9098b9583917909934b0a5c96f9b81ea1567bcea6a037558829bb79f2a3f413a83df06e6
2021-05-11 00:45:15 +03:00
Hennadii Stepanov
b49fe0a75a
Merge bitcoin-core/gui#280: Remove user input from URI error message
3bad0b3fad Remove user input from URI error message (unknown)

Pull request description:

  Removes the user input from error message to avoid it being used in attacks.

  Its not really a vulnerability in Bitcoin Core because involves social engineering, dependency on user environment etc. But this PR improves security and by avoiding abuse of URI error in future.

  Example of an attack:

  1. User opens a link in firefox:

  ```
  bitcoin:tb1qag2e6yhl52hr53vdxzaxvnjtueupvuftan4yfu%0A%0AWARNING%3A%20DO%20NOT%20CLOSE%20THIS%20WINDOW%20OR%20TURN%20OFF%20YOUR%20PC!%20IF%20YOU%20ABORT%20THIS%20PROCESS%2C%20YOU%20COULD%20DESTROY%20ALL%20OF%20YOU%20DATA!%20PLEASE%20ENSURE%20THAT%20YOUR%20POWER%20CABLE%20IS%20PLUGGED%20IN!%0A%0AYou%20became%20victim%20of%20the%20XYZ%20RANSOMWARE!%0A%0AThe%20hard%20disks%20of%20your%20computer%20have%20been%20encrypted%20with%20a%20military%20grade%20encryption%20algorithm.%20There%20is%20no%20way%20to%20restore%20your%20data%20without%20a%20special%20key.%20You%20can%20purchase%20this%20key%20on%20the%20darknet%20page%20shown%20in%20step%202.%0ATo%20purchase%20your%20key%20and%20restore%20your%20data%2C%20please%20follow%20these%20three%20easy%20steps%3A%0A%0A1.%20Download%20the%20Tor%20browser%20at%20%E2%80%9Chttps%3A%2F%2Fwww.torproject.org%2F%E2%80%9C.%0A2.%20Visit%20one%20of%20the%20following%20pages%20with%20the%20Tor%20Browser%3A%0Ahttp%3A%2F%2Frandomchars.onion%2Fabc123%0A3.%20Send%20BTC%20by%20following%20the%20instructions%20on%20the%20page
  ```

  2. User selects Bitcoin Core to open the link:

  ![image](https://user-images.githubusercontent.com/13405205/114619801-8ee9a080-9cc8-11eb-9fad-23a2b831e8df.png)

  3. User is asked to send BTC with some message convincing enough which can be different depending on the victim:

  ![image](https://user-images.githubusercontent.com/13405205/114620061-d3753c00-9cc8-11eb-8314-e3362ebb90ac.png)

  **After this PR** (_No user input mentioned in the error_):

  ![image](https://user-images.githubusercontent.com/13405205/114624342-2b627180-9cce-11eb-93a8-0b2438d71571.png)

ACKs for top commit:
  hebasto:
    ACK 3bad0b3fad, tested on Linux Mint 20.1 (Qt 5.12.8).
  jarolrod:
    tACK 3bad0b3fad

Tree-SHA512: aac2fdfcaa7a9cd6582750c1960682554795640f5aacb78bdae121724e1151da3cbb62b8f8b1e0bc37347afe78b3e9a446277cab8e009d2a1050c0e971f001b3
2021-05-11 00:27:51 +03:00
Hennadii Stepanov
a2bdbdb358
Merge bitcoin-core/gui#194: Save/restore RPCConsole geometry only for window
01d9586ae8 qt: Save/restore RPCConsole geometry only for window (Hennadii Stepanov)

Pull request description:

  After using the GUI with `-disablewallet` the "Node window" inherits the geometry of the main window, that could be unexpected for users.

  This PR provides independent geometry settings for `RPCConsole` in both modes:
  - window sizes and `QSplitter` sizes when `-disablewallet=0`
  - only `QSplitter` sizes when `-disablewallet=1`

ACKs for top commit:
  Talkless:
    tACK 01d9586ae8, tested on Debian Sid with Qt 5.15.2. I've managed to reproduce issue using https://github.com/bitcoin-core/gui/pull/194#issuecomment-782822663 instructions, and I see that this PR does detach main window and information window sizes. Built with `--enable-wallet` and `--disable-wallet`.
  jarolrod:
    ACK 01d9586ae8, tested on macOS 11.2 Qt 5.15.2
  promag:
    Code review ACK 01d9586ae8.

Tree-SHA512: 9934cf04d4d5070dfc4671ea950e225cda9988858227e5481dad1baafa14af477bdbf4f91307ca687fde0cad6e4e605a3a99377e70d67eb115a19955ce2516f5
2021-05-10 23:56:14 +03:00
Hennadii Stepanov
8d7125f80e
Merge bitcoin-core/gui#257: refactor: Use template function qOverload in signal-slot connections
cdbc2bd1f1 qt: Use template function qOverload in signal-slot connections (Hennadii Stepanov)

Pull request description:

  A nice template function [`qOverload`](https://doc.qt.io/qt-5/qtglobal.html#qOverload) is available for us now (https://github.com/bitcoin/bitcoin/pull/20413, https://github.com/bitcoin/bitcoin/pull/21286).

  Its usage makes code much more readable.

  This PR does not change behavior.

ACKs for top commit:
  Talkless:
    utACK cdbc2bd1f1.
  promag:
    Code review ACK cdbc2bd1f1.

Tree-SHA512: 72002aa646b1a79bab62d498825b3f245dc7ebdc189280f8bd3b4076e1bb50be8802c02bc872ff6f70c1ea81faec66d3bec36471119dd98c9e70d87b990396ae
2021-05-10 23:42:05 +03:00
MarcoFalke
d8ae29ec8f
Merge bitcoin/bitcoin#21900: test: use MiniWallet for feature_csv_activation.py
bd7f27d16d refactor: feature_csv_activation.py: move tx helper functions to methods (Sebastian Falbesoner)
2eca46b0aa test: use MiniWallet for feature_csv_activation.py (Sebastian Falbesoner)

Pull request description:

  This PR enables one more of the non-wallet functional tests (feature_csv_activation.py) to be run even with the Bitcoin Core wallet disabled by using the new MiniWallet instead, as proposed in #20078.

  Short reviewers guideline:
  - Since we exclusively work with anyone-can-spend outputs here (raw scriptPubKey = OP_TRUE), signing is not needed anymore. The function `sign_transaction` and its calls are removed, after changing a tx (e.g. its scriptSig or nVersion) a simple `.rehash()` call is sufficient. Also, generating an address `self.nodeaddress` (and with that, passing it to the the various test tx creation/sending helper methods) is not needed anymore and removed.
  - The test repeatedly uses the same input for creating different txs (e.g. with different txversions 1 and 2). To let `MiniWallet` create a tx with a specific input, we have to call `.get_utxo()` before which also marks the UTXO as spent. The method is changed to also support keeping the UTXO in its internal list (`mark_as_spent=False`). With the behaviour on master, the second call to `.get_utxo()` with the same input would fail.
  - To keep the diff in the first commit short, the `miniwallet` is set as a global variable, to avoid passing it on every tx creation/spending helper. The global is eliminated in the second (refactoring) commit, where all the helpers are moved to the test class as methods. By that, we can use `self.nodes[0]` directly in the helpers and don't have to pass it again and again. I think there could still be a lot of improvements/refactoring done in the test, but that should hopefully serve as a good basis.

ACKs for top commit:
  laanwj:
    Code review ACK bd7f27d16d
  MarcoFalke:
    review ACK bd7f27d16d 🐕

Tree-SHA512: 24fb6a0f7702bae40d5271d197119827067d4b597e954d182e4c1aa5d0fa870368eb3ffed469b26713fa8ff8eb3ecc06abc80b2449cd68156d5559e7ae8a2b11
2021-05-10 17:50:21 +02:00